From: mike Date: Fri, 8 Mar 2013 00:45:54 +0000 (+0000) Subject: Add new cupsdUnlinkOrRemoveFile function and use it to avoid extraneous use of X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c0e8699f90fd6087af1e5396e670c0713b0f7139;p=thirdparty%2Fcups.git Add new cupsdUnlinkOrRemoveFile function and use it to avoid extraneous use of the secure removal function. Change from a 7-pass algorithm to a 1-pass algorithm - no current drive needs 7 passes anymore, and 7 passes causes unnecessary wear-and-tear on SSDs/flash. git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@10885 7a7537e8-13f0-0310-91df-b6672ffda945 --- diff --git a/scheduler/cupsd.h b/scheduler/cupsd.h index c59d1272d7..ddd642b8db 100644 --- a/scheduler/cupsd.h +++ b/scheduler/cupsd.h @@ -3,7 +3,7 @@ * * Main header file for the CUPS scheduler. * - * Copyright 2007-2012 by Apple Inc. + * Copyright 2007-2013 by Apple Inc. * Copyright 1997-2007 by Easy Software Products, all rights reserved. * * These coded instructions, statements, and computer programs are the @@ -187,6 +187,7 @@ extern cups_file_t *cupsdCreateConfFile(const char *filename, mode_t mode); extern cups_file_t *cupsdOpenConfFile(const char *filename); extern int cupsdOpenPipe(int *fds); extern int cupsdRemoveFile(const char *filename); +extern int cupsdUnlinkOrRemoveFile(const char *filename); /* main.c */ extern int cupsdAddString(cups_array_t **a, const char *s); diff --git a/scheduler/file.c b/scheduler/file.c index 8d33610c19..ca5aa5e2c5 100644 --- a/scheduler/file.c +++ b/scheduler/file.c @@ -3,7 +3,7 @@ * * File functions for the CUPS scheduler. * - * Copyright 2007-2011 by Apple Inc. + * Copyright 2007-2013 by Apple Inc. * Copyright 1997-2007 by Easy Software Products, all rights reserved. * * These coded instructions, statements, and computer programs are the @@ -14,15 +14,17 @@ * * Contents: * - * cupsdCleanFiles() - Clean out old files. + * cupsdCleanFiles() - Clean out old files. * cupsdCloseCreatedConfFile() - Close a created configuration file and move - * into place. - * cupsdClosePipe() - Close a pipe as necessary. - * cupsdCreateConfFile() - Create a configuration file safely. - * cupsdOpenConfFile() - Open a configuration file. - * cupsdOpenPipe() - Create a pipe which is closed on exec. - * cupsdRemoveFile() - Remove a file using the 7-pass US DoD method. - * overwrite_data() - Overwrite the data in a file. + * into place. + * cupsdClosePipe() - Close a pipe as necessary. + * cupsdCreateConfFile() - Create a configuration file safely. + * cupsdOpenConfFile() - Open a configuration file. + * cupsdOpenPipe() - Create a pipe which is closed on exec. + * cupsdRemoveFile() - Remove a file securely. + * cupsdUnlinkOrRemoveFile() - Unlink or securely remove a file depending + * on the configuration. + * overwrite_data() - Overwrite the data in a file. */ /* @@ -43,7 +45,7 @@ static int overwrite_data(int fd, const char *buffer, int bufsize, /* * 'cupsdCleanFiles()' - Clean out old files. */ - + void cupsdCleanFiles(const char *path, /* I - Directory to clean */ const char *pattern) /* I - Filename pattern or NULL */ @@ -65,7 +67,7 @@ cupsdCleanFiles(const char *path, /* I - Directory to clean */ return; } - cupsdLogMessage(CUPSD_LOG_INFO, "Cleaning out old files in \"%s\"...", path); + cupsdLogMessage(CUPSD_LOG_INFO, "Cleaning out old files in \"%s\".", path); while ((dent = cupsDirRead(dir)) != NULL) { @@ -81,13 +83,11 @@ cupsdCleanFiles(const char *path, /* I - Directory to clean */ status = rmdir(filename); } else - status = unlink(filename); + status = cupsdUnlinkOrRemoveFile(filename); if (status) cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to remove \"%s\" - %s", filename, strerror(errno)); - else - cupsdLogMessage(CUPSD_LOG_DEBUG, "Removed \"%s\"...", filename); } cupsDirClose(dir); @@ -123,7 +123,7 @@ cupsdCloseCreatedConfFile( snprintf(newfile, sizeof(newfile), "%s.N", filename); snprintf(oldfile, sizeof(oldfile), "%s.O", filename); - if ((cupsdRemoveFile(oldfile) && errno != ENOENT) || + if ((cupsdUnlinkOrRemoveFile(oldfile) && errno != ENOENT) || (rename(filename, oldfile) && errno != ENOENT) || rename(newfile, filename)) { @@ -285,14 +285,27 @@ cupsdOpenPipe(int *fds) /* O - Pipe file descriptors (2) */ /* - * 'cupsdRemoveFile()' - Remove a file using the 7-pass US DoD method. + * 'cupsdRemoveFile()' - Remove a file securely. */ int /* O - 0 on success, -1 on error */ cupsdRemoveFile(const char *filename) /* I - File to remove */ { #ifdef HAVE_REMOVEFILE - return (removefile(filename, NULL, REMOVEFILE_SECURE_7_PASS)); + /* + * See if the file exists... + */ + + if (access(filename, 0)) + return (0); + + cupsdLogMessage(CUPSD_LOG_DEBUG, "Securely removing \"%s\".", filename); + + /* + * Remove the file... + */ + + return (removefile(filename, NULL, REMOVEFILE_SECURE_1_PASS)); #else int fd; /* File descriptor */ @@ -301,6 +314,15 @@ cupsdRemoveFile(const char *filename) /* I - File to remove */ int i; /* Looping var */ + /* + * See if the file exists... + */ + + if (access(filename, 0)) + return (0); + + cupsdLogMessage(CUPSD_LOG_DEBUG, "Securely removing \"%s\".", filename); + /* * First open the file for writing in exclusive mode. */ @@ -330,31 +352,9 @@ cupsdRemoveFile(const char *filename) /* I - File to remove */ } /* - * Overwrite the file 7 times with 0xF6, 0x00, 0xFF, random, 0x00, 0xFF, - * and more random data. + * Overwrite the file with random data. */ - memset(buffer, 0xF6, sizeof(buffer)); - if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) - { - close(fd); - return (-1); - } - - memset(buffer, 0x00, sizeof(buffer)); - if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) - { - close(fd); - return (-1); - } - - memset(buffer, 0xFF, sizeof(buffer)); - if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) - { - close(fd); - return (-1); - } - CUPS_SRAND(time(NULL)); for (i = 0; i < sizeof(buffer); i ++) @@ -365,39 +365,31 @@ cupsdRemoveFile(const char *filename) /* I - File to remove */ return (-1); } - memset(buffer, 0x00, sizeof(buffer)); - if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) - { - close(fd); - return (-1); - } - - memset(buffer, 0xFF, sizeof(buffer)); - if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) - { - close(fd); - return (-1); - } - - for (i = 0; i < sizeof(buffer); i ++) - buffer[i] = CUPS_RAND(); - if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size)) - { - close(fd); - return (-1); - } - /* - * Whew! Close the file (which will lead to the actual deletion) and - * return success... + * Close the file, which will lead to the actual deletion, and return... */ - close(fd); - return (0); + return (close(fd)); #endif /* HAVE_REMOVEFILE */ } +/* + * 'cupsdUnlinkOrRemoveFile()' - Unlink or securely remove a file depending + * on the configuration. + */ + +int /* O - 0 on success, -1 on error */ +cupsdUnlinkOrRemoveFile( + const char *filename) /* I - Filename */ +{ + if (Classification) + return (cupsdRemoveFile(filename)); + else + return (unlink(filename)); +} + + #ifndef HAVE_REMOVEFILE /* * 'overwrite_data()' - Overwrite the data in a file. diff --git a/scheduler/job.c b/scheduler/job.c index ffe72a56ef..85e0756486 100644 --- a/scheduler/job.c +++ b/scheduler/job.c @@ -4326,10 +4326,7 @@ remove_job_files(cupsd_job_t *job) /* I - Job */ { snprintf(filename, sizeof(filename), "%s/d%05d-%03d", RequestRoot, job->id, i); - if (Classification) - cupsdRemoveFile(filename); - else - unlink(filename); + cupsdUnlinkOrRemoveFile(filename); } free(job->filetypes); @@ -4360,10 +4357,7 @@ remove_job_history(cupsd_job_t *job) /* I - Job */ snprintf(filename, sizeof(filename), "%s/c%05d", RequestRoot, job->id); - if (Classification) - cupsdRemoveFile(filename); - else - unlink(filename); + cupsdUnlinkOrRemoveFile(filename); LastEvent |= CUPSD_EVENT_PRINTER_STATE_CHANGED; }